<?php

// phpMyRealty 3
//
// File Name: editlocations.php
// File Location : ./admin/
//
// Copyright (c)2009 phpMyRealty.com
//
// e-mail: support@phpMyRealty.com

// Include configuration file and general functions
define('PMR', 'true');
define('PMRADMIN', 'true');

include ( '.././config.php' );
include ( PATH . '/defaults.php' );

// ----------------------------------------------------------------------

// Title tag
$title = $lang['admin_3level'];

// Template header
include ( PATH . '/admin/template/header.php' );

// If logged we can start the page output
if (adminAuth($session->fetch('adminlogin'), $session->fetch('adminpassword')))

 {

  // Include navigation panel
  include ( PATH . '/admin/navigation.php' );

  // Make sure this administrator have access to this script
  adminPermissionsCheck('manage_types', $session->fetch('adminlogin')) or error ('Critical Error', 'Incorrect privileges');

  echo table_header ( $lang['admin_3level'] );

if (isset($_POST['submit']))
 {
  $cat_disp = safehtml ($_POST['disp']);

  if (($_POST['submit'] != $lang['admin_delcat']) and (!empty($_POST['submit'])) and (empty($cat_disp))) { echo $lang['admin_empty']; }
   else
    {
     if ($_POST['submit'] == $lang['admin_addcat']) {
      $r = $db->query ('SELECT MAX(selector) AS maxselector FROM ' . LOCATION1_TABLE);
      $f = $db->fetcharray ($r);
      $newselector=$f['maxselector'] + 1;
      mysql_free_result($r);
      $r = $db->query ('INSERT INTO ' . LOCATION1_TABLE . ' (selector, category) values ("' . $newselector . '", "' . $cat_disp . '")');
      }  
     elseif ($_POST['submit'] == $lang['admin_addsubcat']) {
      $r = $db->query ('SELECT MAX(catsubsel) AS maxsubsel FROM ' . LOCATION2_TABLE);
      $oldcat = explode('::', $_POST['chosen']);
      $f = $db->fetcharray ($r);
      $newsubselector=$f['maxsubsel'] + 1;
      mysql_free_result($r);

      $r = $db->query ('SELECT * FROM ' . LOCATION1_TABLE . ' WHERE selector= "' . $oldcat['0'] . '"');
      $f = $db->fetcharray ($r);
      mysql_free_result($r);

       if (
          ($f['fcounter'] == 0) or
 	  (($f['fcounter'] != 0) and ($allowcats == 'YES')) or
          (($f['fcounter'] != 0) and ($f['sccounter'] != 0) and ($f['ssccounter'] == 0))
          ) {
        if (($oldcat['0'] != '') and ($oldcat['0'] != '0')) {
          $r = $db->query ('INSERT INTO ' . LOCATION2_TABLE . ' (catsel, catsubsel, subcategory) values ("' . $oldcat[0] . '", "' . $newsubselector . '", "' . $cat_disp . '")');
          $db->query  ( 'UPDATE ' . LOCATION1_TABLE . ' SET sccounter = sccounter+1 where selector = "' . $oldcat['0'] . '"');
	 }
 	  else echo '<b>' . $lang['admin_3level_error'] . '</b><br /><br />';
	}
       else echo '<b>' . $lang['admin_3level_error'] . '</b><br /><br />';
      }
     elseif ($_POST['submit'] == $lang['admin_addsubsubcat']) {
      $oldcat = explode('::', $_POST['chosen']);
      $r = $db->query ('SELECT * FROM ' . LOCATION2_TABLE . ' WHERE catsel = "' . $oldcat['0'] . '" AND catsubsel = "' . $oldcat['1'] . '"');
      $f = $db->fetcharray ($r);
      mysql_free_result($r);
      if (
      ($f['fcounter'] == 0) or
      (($f['fcounter'] != 0) and ($allowcats == 'YES')) or
      (($f['fcounter'] != 0) and ($f['ssccounter'] != 0 ))
         )
       {
	if (($oldcat['1'] != '') and ($oldcat['1'] != '0') and ($oldcat['0'] != '') and ($oldcat['0'] != '0'))
	{
	 $r = $db->query ('SELECT MAX(catsubsubsel) AS maxsubsubsel FROM ' . LOCATION3_TABLE);
	 $f = $db->fetcharray ($r);
	 $newsubselector = $f['maxsubsubsel'] + 1;
	 $r = $db->query ('INSERT INTO ' . LOCATION3_TABLE . ' (catsel, catsubsel, catsubsubsel, subsubcategory) values ("' .$oldcat['0'] . '", "' . $oldcat['1'] . '", "' . $newsubselector . '", "' . $cat_disp . '")');
	 $db->query  ('UPDATE ' . LOCATION1_TABLE . ' SET ssccounter = ssccounter+1 where selector = "' . $oldcat['0'] . '"');
	 $db->query  ('UPDATE ' . LOCATION2_TABLE . ' SET ssccounter = ssccounter+1 where catsel = "' . $oldcat['0'] . '" AND catsubsel = "' . $oldcat['1'] . '"');
	}
       else echo '<b>' . $lang['admin_3level_error'] . '</b><br /><br />';
       }
      else echo '<b>' . $lang['admin_3level_error'] . '</b><br /><br />';
      }
     elseif ($_POST['submit'] == $lang['admin_catren']) {
      $cat = explode('::', $_POST['chosen']);
      $cat0 = $cat['0'];
      @$cat1 = $cat['1'];
      @$cat2 = $cat['2'];
      if ($cat1 == '') {
       $r = $db->query ('SELECT * FROM ' . LOCATION1_TABLE . ' WHERE selector= "' . $cat0 . '"');
       $f = $db->fetcharray ($r);
       $db->query ('UPDATE ' . LOCATION1_TABLE . ' SET category= "' . $cat_disp . '" WHERE selector = "' . $cat0 . '"');
      }
      if (($cat1 != '') and ($cat2 == '')) {
       $r = $db->query ('SELECT * FROM ' . LOCATION2_TABLE . ' WHERE catsel = "' . $cat0 . '" AND catsubsel= "' . $cat1 . '"');
       $f = $db->fetcharray ($r);
       $db->query ('UPDATE ' . LOCATION2_TABLE . ' SET subcategory= "' . $cat_disp . '" WHERE catsel= "' . $cat0 . '" AND catsubsel= "' . $cat1 . '"');
      }
      if (($cat1 != '') and ($cat2 != '')) {
       $r = $db->query ('SELECT * FROM ' . LOCATION2_TABLE . ' WHERE catsel= "' . $cat0 . '" AND catsubsel= "' . $cat1 . '" AND catsubsubsel= "' . $cat2 . '"');
       $f = $db->fetcharray ($r);
       $db->query ('UPDATE ' . LOCATION3_TABLE . ' SET subsubcategory= "' . $cat_disp . '" WHERE catsel= "' . $cat0 . '" AND catsubsel= "' . $cat1 . '" AND catsubsubsel= "' . $cat2 . '"');
      }
     }
     elseif ($_POST['submit'] == $lang['admin_delcat']) {

      $cat = explode("::", $_POST['chosen']);
      $cat0 = $cat['0'];
      @$cat1 = $cat['1'];
      @$cat2 = $cat['2'];

      if ($cat1 == '') {
       $r = $db->query ('SELECT * FROM ' . LOCATION1_TABLE . ' WHERE selector= "' . $cat0 . '"');
       $f = $db->fetcharray ($r);
       $db->query ('DELETE FROM ' . LOCATION1_TABLE . ' WHERE selector= "' . $cat0 . '"');
       $db->query ('DELETE FROM ' . LOCATION2_TABLE . ' WHERE catsel= "' . $cat0 . '"');
       $db->query ('DELETE FROM ' . LOCATION3_TABLE . ' WHERE catsel= "' . $cat0 . '"');
      }

      if (($cat1 != '') and ($cat2 == '')) {
       $db->query ('DELETE FROM ' . LOCATION2_TABLE . ' WHERE catsel= "' . $cat0 . '" AND catsubsel= "' . $cat1 . '"');
       $db->query ('DELETE FROM ' . LOCATION3_TABLE . ' WHERE catsel= "' . $cat0 . '" AND catsubsel= "' . $cat1 . '"');
       $db->query ('UPDATE ' . LOCATION1_TABLE . ' SET sccounter = sccounter-1 WHERE selector = "' . $cat['0'] . '"');
      }
      if (($cat1 != '') and ($cat2 != '')) {
       $db->query ('DELETE FROM ' . LOCATION3_TABLE . ' WHERE catsel= "' . $cat0 . '" AND catsubsel= "' . $cat1 . '" AND catsubsubsel= "' . $cat2 . '"');
       $db->query ('UPDATE ' . LOCATION1_TABLE . ' SET sccounter = sccounter-1 WHERE selector = "' . $cat['0'] . '"');
       $db->query ('UPDATE ' . LOCATION2_TABLE . ' SET ssccounter = ssccounter-1 WHERE catsel = "' . $cat['0'] . '" AND catsubsel = "' . $cat['1'] . '"');
      }
     }
    }
 }

  $r=$db->query ('SELECT * FROM ' . LOCATION1_TABLE . ' ORDER BY category ASC');
  $results_amount = $db->numrows($r);

  // Echo the table with the locations
  echo '<table width="90%" border="0" cellpadding="0" cellspacing="0">';
  echo '<form method="POST" action="' . URL . '/admin/editlocations.php">';

  for ($x=0; $x < $results_amount; $x++) {
  $f = $db->fetcharray ($r);

  echo '
<tr>
 <td width="100%" align="left" valign="top">
 <br /><br /><input type="radio" name="chosen" value="' . $f['selector'] . '" style="border:0;">
 <b>' . $f['category'] . '</b>
 <font color="#777777" size="1">
 (id ' . $f['selector'] . ')
 </font><br />
 </td>
</tr>
';

  $re = $db->query ('SELECT * FROM ' . LOCATION2_TABLE . ' WHERE catsel = "' . $f['selector'] . '" ORDER BY subcategory ASC');
  $results_amount2 = $db->numrows($re);
  for ($x1=0; $x1 < $results_amount2; $x1++) {
  $fe = $db->fetcharray ($re);
  echo '
<tr>
 <td width="100%" align="left" valign="top">
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 <input type="radio" name="chosen" value="' . $f['selector'] . '::' . $fe['catsubsel'] . '" style="border:0;">
 <b>' . $fe['subcategory'] . '</b>
 <font color="#BEBEBE" size="1">
 (id ' . $fe['catsubsel'] . ')
 </font><br />
 </td>
</tr>
';

  $ree = $db->query ('SELECT * FROM ' . LOCATION3_TABLE . ' WHERE catsubsel= "' . $fe['catsubsel'] . '" AND catsel= "' . $f['selector'] . '" ORDER BY subsubcategory ASC');
  $results_amount3 = $db->numrows($ree);
  for ($y1=0; $y1 < $results_amount3; $y1++) {
  $fee = $db->fetcharray ($ree);
  echo '
<tr>
 <td width="100%" align="left" valign="top">
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 <input type="radio" name="chosen" value="' . $f['selector'] . '::' . $fe['catsubsel'] . '::' . $fee['catsubsubsel'] . '" style="border:0;">
 ' . $fee['subsubcategory'] . '
 <font color="#BABABA" size="1">
 (id ' . $fee['catsubsubsel'] . ')
 </font><br />
 </td>
</tr>
';
  }
  }
  }

  echo '<tr><td align="center" valign="top"><br /><br /><br />';

  echo '<input type="text" size="50" name="disp">
  <br /><br />
  <input type="submit" name="submit" value="' . $lang['admin_addcat'] . '">
  &nbsp;&nbsp;
  <input type="submit" name="submit" value="' . $lang['admin_addsubcat'] . '">
  &nbsp;&nbsp;
  <input type="submit" name="submit" value="' . $lang['admin_addsubsubcat'] . '">
  <br /><br />
  <input type="submit" name="submit" value="' .$lang['admin_catren'] . '">
  &nbsp;&nbsp;
  <input type="submit" name="submit" value="' .$lang['admin_delcat'] . '" style="color: #FFFFFF; background: #D55454;">
  ';

	echo '</tr></td>
</form>
</table>
';

  echo table_footer ();

 }

else

 {

  error ('Critical Error' , 'Please, login to access this script.');

 }

// Template footer
include ( PATH . '/admin/template/footer.php' );

?>